phylum-dev/phylum-ci

0.12.0

August 11, 2022

Feature

  • Host phylum-ci Docker image on GitHub Container Registry (#97) (ebc882e)

0.11.0

August 4, 2022

Feature

  • Add git pre-commit hook integration (#91) (99c5726)

Fix

  • Incorrect vulnerability risk domain package key name (#94) (247b4a4)

Documentation

  • Update CONTRIBUTING.md to show how to add dependencies without constraints (d25dd1f)
  • Create exclusive directory for Integrations docs to sync properly (#80) (d8b608b)

0.10.0

July 14, 2022

Feature

  • Check for and list valid versions and targets programmatically in phylum-init (#74) (7066565)

Documentation

  • Add integration documentation to Phylum docs page (5b988b9)

Performance

  • Allow native Docker image creation (#77) (9ee4123)

0.9.1

July 1, 2022

Fix

  • Detect lockfile changes in GitHub PRs (#73) (c119a4a)
  • Apply total threshold to all risk domains (#71) (0b19167)

0.9.0

June 27, 2022

Feature

  • Add support for GitHub Actions CI environment (#68) (b59da0a)

0.8.1

June 16, 2022

Fix

  • Docker image tags are inconsistent (#67) (00a2b53)

0.8.0

June 15, 2022

Feature

  • Coordinate phylum-ci Docker image releases with new CLI releases (#63) (82b57e2)
  • Expose version arguments with a short form -V (92e9149)

Fix

  • Using gh cli requires specifying a token (#65) (1e070fd)
  • Logical prefixed not fails GitHub workflow syntax (#64) (00a5cb1)
  • Re-enable building docker images with pre-built distributions (c5d7aa0)

Documentation

  • Add a Code of Conduct (#60) (c953f68)
  • Add a security policy (21fce1b)
  • Reformat code examples to add whitespace lines (a31fdce)

Performance

0.7.0

June 1, 2022

Feature

  • Use a single character for "single dash" options (6a4b032)

Breaking

  • The short options for the following arguments changed (6a4b032):
    • --force-analysis was changed from -fa to -f
    • --force-install was changed from -fi to -i
    • --vul-threshold was changed from -vt to -u
    • --mal-threshold was changed from -mt to -m
    • --eng-threshold was changed from -et to -e
    • --lic-threshold was changed from -lt to -c
    • --aut-threshold was changed from -at to -o

0.6.0

May 27, 2022

Feature

  • Provide an option to force analysis (#55) (4d6fc3b)
  • Default to project settings for risk domain thresholds (#52) (9f10442)
  • Default to analyzing new dependencies only (#53) (e0894fc)

Fix

  • Ensure the "CI Platform Name" portion of a label is correct (#55) (1867fb6)
  • Enable Phylum UI links for groups (#54) (8775a63)

Breaking Changes

  • Individual risk domain threshold values can be set with command line options, which now accept values between 0 and 100, inclusive
    • Previously, the accepted values were between 0 and 99, inclusive
  • The option to analyze --new-deps-only was removed and replaced with one that has the opposite meaning: --all-deps
  • The short option to --force-install was changed from -f to -fi

0.5.2

May 24, 2022

Fix

  • Ensure notes are not duplicated in GitLab MRs (#43) (a8ffe7f)

0.5.1

May 20, 2022

Fix

  • Sync package issue key name changes from CLI v3.4.0 release (#41) (2f5f8d5)

0.5.0

May 19, 2022

Feature

  • Add support for GitLab CI environment (#38) (732daea)

0.4.0

May 18, 2022

Feature

  • Expose the Python package as a Docker image (#37) (0976f1d)

0.3.0

May 12, 2022

Feature

  • Add phylum-ci script entry point to analyze lockfile changes (#36) (f1cbac7)

0.2.1

May 4, 2022

Fix

  • Use phylum-bot account instead of a personal account (#34) (40ba743)

0.2.0-rc.0

May 3, 2022

Added

  • Modern release workflow

0.1.1

April 25, 2022

Added

  • phylum-init script entry point and initial functionality
  • Test workflows for local and CI based testing
  • Preview and Release workflows for Staging and Production environments
  • Phylum analyze workflow for PRs

0.0.1

March 28, 2022

Added

  • Basic Python project structure
    • Make use of poetry for environment, dependency, and package build/publish workflows
    • Not enough to provide any real functionality
    • Just enough to have a first release on TestPyPI and PyPI to claim the package name
  • Basic test structure, making use of pytest
  • This CHANGELOG.md file to adhere to a standard for documenting changes
  • A README.md file to explain how to do local development with this structure